While virtualization and “cloud computing” have brought elasticity to computing resources and agility to applications in distributed computing environments, these technologies have also increased system and application management complexities. The conventional solution to dealing with the management of distributed systems and applications contributing to distributed service transactions has been the addition of layers of orchestration and management. While virtual machines improve resiliency and provide live migration capabilities (e.g., to reduce recovery times in cases of service failures), the increased complexity of hypervisors, their orchestration, and the movement and management of virtual machine images adds additional burden in the datacenter.
At the same time, data security has become a paramount consideration for any organization that operates or relies upon a datacenter. Current approaches to solving this issue, which marry server-centric operating system security with network-centric security, have generated a web of security management systems that require shared run-time resources along with applications. This has resulted in ad-hoc, somewhat parallel implementations of application execution and application management workflows.
As the complexity of the datacenter increases, the conventional response has been to introduce more resource administration and operational controls. For example, when services cross boundaries between datacenters and clouds, they use resources that are owned and managed by different service providers. Providing visibility and control of end-to-end service thus requires interfacing and integrating various systems and processes and such approaches does not scale well. Moreover, current authentication, authorization and accounting (AAA) schemes, with their server-centric origins, are not well suited for such environments.